Mark Salyzyn | 0175b07 | 2014-02-26 09:50:16 -0800 | [diff] [blame] | 1 | /* |
Mark Salyzyn | 1114f18 | 2014-02-21 13:54:07 -0800 | [diff] [blame] | 2 | * Copyright (C) 2012-2014 The Android Open Source Project |
Mark Salyzyn | 0175b07 | 2014-02-26 09:50:16 -0800 | [diff] [blame] | 3 | * |
| 4 | * Licensed under the Apache License, Version 2.0 (the "License"); |
| 5 | * you may not use this file except in compliance with the License. |
| 6 | * You may obtain a copy of the License at |
| 7 | * |
| 8 | * http://www.apache.org/licenses/LICENSE-2.0 |
| 9 | * |
| 10 | * Unless required by applicable law or agreed to in writing, software |
| 11 | * distributed under the License is distributed on an "AS IS" BASIS, |
| 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 13 | * See the License for the specific language governing permissions and |
| 14 | * limitations under the License. |
| 15 | */ |
| 16 | |
Mark Salyzyn | 1114f18 | 2014-02-21 13:54:07 -0800 | [diff] [blame] | 17 | #include <errno.h> |
| 18 | #include <stdio.h> |
| 19 | #include <stdlib.h> |
Mark Salyzyn | 801bcec | 2015-04-01 09:10:04 -0700 | [diff] [blame^] | 20 | #include <string.h> |
Mark Salyzyn | 1114f18 | 2014-02-21 13:54:07 -0800 | [diff] [blame] | 21 | |
| 22 | #include <private/android_filesystem_config.h> |
| 23 | |
Mark Salyzyn | 0175b07 | 2014-02-26 09:50:16 -0800 | [diff] [blame] | 24 | #include "LogCommand.h" |
| 25 | |
Mark Salyzyn | c03e72c | 2014-02-18 11:23:53 -0800 | [diff] [blame] | 26 | LogCommand::LogCommand(const char *cmd) |
| 27 | : FrameworkCommand(cmd) { |
Mark Salyzyn | 0175b07 | 2014-02-26 09:50:16 -0800 | [diff] [blame] | 28 | } |
Mark Salyzyn | 1114f18 | 2014-02-21 13:54:07 -0800 | [diff] [blame] | 29 | |
| 30 | // gets a list of supplementary group IDs associated with |
| 31 | // the socket peer. This is implemented by opening |
| 32 | // /proc/PID/status and look for the "Group:" line. |
| 33 | // |
| 34 | // This function introduces races especially since status |
| 35 | // can change 'shape' while reading, the net result is err |
| 36 | // on lack of permission. |
| 37 | // |
| 38 | // Race-free alternative is to introduce pairs of sockets |
| 39 | // and threads for each command and reading, one each that |
| 40 | // has open permissions, and one that has restricted |
| 41 | // permissions. |
| 42 | |
| 43 | static bool groupIsLog(char *buf) { |
| 44 | char *ptr; |
| 45 | static const char ws[] = " \n"; |
| 46 | bool ret = false; |
| 47 | |
| 48 | for (buf = strtok_r(buf, ws, &ptr); buf; buf = strtok_r(NULL, ws, &ptr)) { |
| 49 | errno = 0; |
| 50 | gid_t Gid = strtol(buf, NULL, 10); |
| 51 | if (errno != 0) { |
| 52 | return false; |
| 53 | } |
| 54 | if (Gid == AID_LOG) { |
| 55 | ret = true; |
| 56 | } |
| 57 | } |
| 58 | return ret; |
| 59 | } |
| 60 | |
| 61 | bool clientHasLogCredentials(SocketClient * cli) { |
| 62 | uid_t uid = cli->getUid(); |
| 63 | if (uid == AID_ROOT) { |
| 64 | return true; |
| 65 | } |
| 66 | |
| 67 | gid_t gid = cli->getGid(); |
Mark Salyzyn | 57a0af9 | 2014-05-09 17:44:18 -0700 | [diff] [blame] | 68 | if ((gid == AID_ROOT) || (gid == AID_SYSTEM) || (gid == AID_LOG)) { |
Mark Salyzyn | 1114f18 | 2014-02-21 13:54:07 -0800 | [diff] [blame] | 69 | return true; |
| 70 | } |
| 71 | |
| 72 | // FYI We will typically be here for 'adb logcat' |
| 73 | bool ret = false; |
| 74 | |
| 75 | char filename[1024]; |
| 76 | snprintf(filename, sizeof(filename), "/proc/%d/status", cli->getPid()); |
| 77 | |
| 78 | FILE *file = fopen(filename, "r"); |
| 79 | if (!file) { |
| 80 | return ret; |
| 81 | } |
| 82 | |
| 83 | bool foundGid = false; |
| 84 | bool foundUid = false; |
| 85 | |
| 86 | char line[1024]; |
| 87 | while (fgets(line, sizeof(line), file)) { |
| 88 | static const char groups_string[] = "Groups:\t"; |
| 89 | static const char uid_string[] = "Uid:\t"; |
| 90 | static const char gid_string[] = "Gid:\t"; |
| 91 | |
| 92 | if (strncmp(groups_string, line, strlen(groups_string)) == 0) { |
| 93 | ret = groupIsLog(line + strlen(groups_string)); |
| 94 | if (!ret) { |
| 95 | break; |
| 96 | } |
| 97 | } else if (strncmp(uid_string, line, strlen(uid_string)) == 0) { |
| 98 | uid_t u[4] = { (uid_t) -1, (uid_t) -1, (uid_t) -1, (uid_t) -1}; |
| 99 | |
| 100 | sscanf(line + strlen(uid_string), "%u\t%u\t%u\t%u", |
| 101 | &u[0], &u[1], &u[2], &u[3]); |
| 102 | |
| 103 | // Protect against PID reuse by checking that the UID is the same |
| 104 | if ((uid != u[0]) || (uid != u[1]) || (uid != u[2]) || (uid != u[3])) { |
| 105 | ret = false; |
| 106 | break; |
| 107 | } |
| 108 | foundUid = true; |
| 109 | } else if (strncmp(gid_string, line, strlen(gid_string)) == 0) { |
| 110 | gid_t g[4] = { (gid_t) -1, (gid_t) -1, (gid_t) -1, (gid_t) -1}; |
| 111 | |
| 112 | sscanf(line + strlen(gid_string), "%u\t%u\t%u\t%u", |
| 113 | &g[0], &g[1], &g[2], &g[3]); |
| 114 | |
| 115 | // Protect against PID reuse by checking that the GID is the same |
| 116 | if ((gid != g[0]) || (gid != g[1]) || (gid != g[2]) || (gid != g[3])) { |
| 117 | ret = false; |
| 118 | break; |
| 119 | } |
| 120 | foundGid = true; |
| 121 | } |
| 122 | } |
| 123 | |
| 124 | fclose(file); |
| 125 | |
| 126 | if (!foundGid || !foundUid) { |
| 127 | ret = false; |
| 128 | } |
| 129 | |
| 130 | return ret; |
| 131 | } |